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NATIONAL SECURITY AGENCY 
CENTRAL SECURITY SERVICE 

FORT GEORGE G. MEADE, MARYLAND 20755-6COO 

10 December 2007 


MEMORANDUM FOR THE CHAIRMAN, INTELLIGENCE OVERSIGHT BOARD 


THRU: Assistant to the Secretary of Defense (Intelligence Oversight) 

SUBJECT: (U/ /FQU0) Report to the Intelligence Oversight Board on NSA 
Activities - INFORMATION MEMORANDUM 

(U/ /FQUO) Except as previously reported to you or the President, or otherwise 
stated in the enclosure, we have no reason to believe that any intelligence activities 
of the National Security Agency during the quarter ending 30 September 2007 were 
unlawful or contrary to Executive Order or Presidential Directive, and thus required 
to be reported pursuant to Section 1.7 .(d) of Executive Order 12333. 


(U/ /FOUQ) The Inspector General and the General Counsel continue to 
exercise oversight of Agency activities by means of inspections, surveys, training, 
review of directives and guidelines, and advice and counsel. These activities and 
other data requested by the Board or members of the staff of the Assistant to the 
Secretary of Defense (Intelligence Oversight) are described in the enclosure. 



B2(LU. 


C-EORGWELLARD 
Inspector General 



Vm) T. 

General Counsel 


CU//FOUQ) I concur in the report of the Inspector General and the General 
Counsel and hereby make it our combined report. 



Lieutenant General, U. S. Army 
Director, NSA/Chief, CSS 


End: 

Quarterly Report. 
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1. (U/ /FQOO) Intelligence, counterintelligence, and intelligence-related activities 
that violate law, regulation, or policy substantiated during the quarter, as well as 
any actions taken as a result of the violations. 

(U) Intelligence Activities 

(TQ//DI//I USL TO USA , FV mf Unintentional collection against United States (U.S.) 

persons. [ [ instances in which Signals Intelligence (SIGINT) analysts (b) (l) 

inadvertently collected communications to, from, or about U. S. persons while (b) (3)-p. l. 86- 

pursuing foreign intelligence tasking were reported this quarter. All collection has 

been terminated and all intercepts and reports were deleted or destroyed as b ) ^ 

required by USSID SP0018. (b)(3)-P.L. 86-36 

(b)(3)-50 USC 3024(i) 

~ff 8// S I//RRL TO U3A, PVEY) f~ |of those instances occurred during 


(S// S I//REL) There were I [ instances of unintentional collection resulting 
from poorly constructed database queries, and one incident resulting from human 
error. In the latter case, the analyst neglected I 

(i) 

"'/ (b) (3) - P. L. 86-36 

(3//9V/REL) OnCZloccasions, targets initially thought to be legitimate and 
foreign were later found to hold U. S. cit izenship or permane nt resident status after 
they were tasked for c ollection. On I O c casions, the targets I 

~| Another target usecj j 

during travel to the United States. 

(TQ//0I//ISrF) | | it w as discovered that the telephone 

numbers of a target, identified as a U.S. person | | (reported in the third 

quart er report) , were not properly removed from a database. Although collection 
ceased ] I the numbers were included in a recent query of the database. Upon 

recognition, the numbers were immediately removed from the database. 

_-jSffSfrAdditionpllY, in qne incident, wM I 


After confirming that the communicant is a U.S. person, the FBI | | 

(b) (1) Derived From: NSA/CSSM 1-52 

(b) (3) -P. L. 86-36 Dated: 20070108 

Declassify On: 30320108 

T O P 5PCRE T //C O MIN T //NOPORN//2032010 8 
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QSft. 

(b) (>h|' i. 


I 


Submitted a request, still pending, for Attorney 


General approval to target the communicant overseas under Section 2.5, Executive 
Order 12333. 


(b)(1) 

(b)(3)-P.L. 86-36 


( , S/j i SI//NF) A lthough a targeted company claimed to be a foreign entity, it was 
later found to be incorporated in the United States, thus collection occurred against 
a U.S. affiliate. 


tar s et l_1 

resulting in collection on| |U.S. person^ 




| This risk reduction measure identified I linc identsu n 


]in the United States. In i l instances. as reouired by the PAA. collection 


(b) 


- ) 


(b)(3)-P.L. 86-36 


(S//SI//NF) The Protect America Act of 2007 (PAA), enacted on 5 August 2007, 
amends the FISA. To ensure the “foreigimess” of a target as required by the PAA, 


i-P.L. 86-36 
1-50 USC 3024l 


was suspended immediately until the target left the United S tates. In one instanc e, 
analysts noted the target’s presence in the United States, but | 1 

| | resulting in detasking delaysibi ( 

and in unauthorized collection. Corrective actions have been taken to l essen thej^j j 
risk of recurrence, including changes to internal control procedures. In | | 

instances, the foreignness of valid targets was not confirmed when PAA was 
implemented resulting in unauthorized collection when the targets were later found 
to be in the United States. 

-(TS//Si//I ‘ iP r F oreign Intelligence Surveillance Act (FISA) collection. There are | | 

FISA collection incidents to report this quarter. All collection has been terminated 
and all intercepts were deleted or destroyed as required by USSID SPG0I8. b > < i > 

(b)(3)-P.L. 86-36 


(T0//GWNP) | l ther e werel I separate incidents in 

which the | ~~| Branch inappropriately ta sked | targets for collection. In 


_] incidents from f 

implemented while the[_ 


_] collection suspensions were not 

_Itargets were in the United States because of 

so ftware pr oblems with I C ollection assets, resulting in continued collection 

on I l until the mistake was noted. No transcripts or reports were generated 
based on the collection. New procedures were implemented to insure that proper 
notification takes place in the fut ure. Ini lincidents, NSA analysts determine d 
that the telephone numbers were l ~1 


OGA. 

(b)(7)(E) 

[and in the other J 

— 


1 / 

••• 

(b)(1) 


(b) (1) 

(b)(3)-P.L. 86-36 

(b) (3) —P. 
(b)(3)-18 
(b)(3)-50 


L. 86-36 
USC 798 
USC 3024(i) 
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(s//d i/) wT 

target u sed 
Although 


1 a nalysts recognized t hat an authorized 
l the United States on| I 

Jwas detasked upon recogni tion, ! I 

[ resulting in continued collection for 


several days after recognition. No reports were issued based on the collection. 
Management reviewed the procedures regarding these incidents to insure proper 
notification in the future. 


(TO/ZObyNP) Unauthorized disse mination of FISA data. 

analyst forwarded FISA data to a l 
not authorized to receive such data. [ 


^personnel 


_an 

Jwhich was 


discovered the mistake, destroyed all the data, and cancelled the report based on 
the information. 


4-Tfi//GI//NF H3nintantionai collection against U.S. persons| 


In all instances, the calls were deleted immediately upon recognition in 


accordance with USSID SP0018 guidelines, and no reports were issued. 


i) 
3) 
(b)(3) 
(b)(3) 


Term 

(b)(3) 


(S//BI//REL TO UGA, FVEY) Unintentional dissemination of U.S. identities. 

During this quarter, | ISIGINT products were cancelled because they contained the 
identities of U.S. persons, organizations, or entities. In all instances, th e repor ts 
were either not reissued or were reissued with the proper minimization. I I 
additional dissemination violations resulted in unauthorized access to SIGINT data: 


-P.L".'" 86-36/ 


(TC//0I//N F ) [ 


an 


NSA[ 


_ i Branch analyst 

sought transcription assistance from] |unminimized and unevaluated 

voice com munications from a l I that is not to be shared with 

I 1 NSA confirmed that the communications were dest royed witho ut further 


distribution and were deleted from the computer hard drives 


analysts. 


mmu/NF 


~jsharedj~ Ipieces of umrtinimized and unevaluated SIGINT with the (b) ( 

1 OGA 


an analyst with NS^[ 


] 


The 


recipients of the SIGINT were not authorized to view the material. The emails 
containing the unm inimized and une valuated SIGINT were successfully and 
completely recalled 


(3)-P.L. 86-36 


TOP 0EGRET//GOMINT//NOFQRI4//20320108 " 


(31-P.L. 86-36 


(b)(1) 

(b)(3)-P.L. 86-36 


i) (1) 

5) (3)-P.L. 86-36 


-P.L. 86-36 
-18 USC 798 
-50 USC 3024(1) 


>) ( 1 ) 

>) (3J-P.L. 86-36 


(b)(3)-P.L. 86-36 


3)-50 USC 3507 
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(U) Counterintelligence Activities. 
(U) Nothing to report. 

(U) Intelligence-related Activities. 


■ZSf\b) (i) 

(b)(3)-P.L. 86-36 


(T3//3I//REL TO UOA, FVEV)[ 


_ i _ | _ i NSA Texas 

inappr opriately targeted a U.S. person based o n an | | rather than an NSA, 

‘ ! r Upon recognition of the mistake[ 


waiver 


that de 

numbers that were permanently detasked [] 


the telephone numbers were detasked. [ 
asking had not taken place and to ok temporary measu res to detask the 


] analysts determined 


(U//FOUO) On l j occasions during this quarter, SIGINT analysts accessed 
SIGINT in databases to which they improperly retained access from previous 
assignments. Their accounts were disabled and they received remedial training 
concerning the proper use of databases. 


(b)(3)-P.L. 86-36 


of the U.S. SIGINT System. 


" T aSIGIML 

analyst conducted database queries at the request and with the permission of|_ 

I The an alyst 

targeted the | 

database. No information was developed and no reports were issued. 

2. (U/ /FQUQ) Intelligence Oversight Inspections. 


in a SIGINT 


CU//FOUO) During this quarter, the Office of Inspector General (OIG) reviewed 
various intelligence activities of the NSA/CSS to determine whether they were 
conducted in accordance with applicable statutes, Executive Orders, Attorney 
General procedures, and Department of Defense and internal directives. With few 
exceptions, the issues presented were routine and indicated that the operating 
elements understand the restrictions on NSA/CSS activities. 


(b)(1) 

(b)(3)-P.L. 86-36 
(b)(3)-18 USC 798 
(b)(3)-50 USC 3024(i} 


(U//F©W[ 


3- Intelligence Oversight Program 


"(bj) ( i ) 

A(3)-P.L. 86-36 


a ge 

Management is degraded by deficiencies in th e| [personnel database and the; b i) ( 3 > -50 use 3024111 
process u sed to ensure that all personnel with | 

^receive intelligence oversight training before they are exposed to 


operational or classified information. Additionally, although training is conducted 
as required fay the DoD Regulation 5240.1-R and NSA/CSS Policy 1-23, more 
emphasis is needed on U.S. Signals Intelligence Directive SP0018 and National 
Telecommunications and Information Systems Security Directive 600 standa rds. 

The OIG will provide an update in a future report regarding actions taken by_ 

to correct the inspection findings. 
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(b)(1) 

(b)(3)-P.L. 86-36 
(b)(3)-50 USC 3024(i) 


(TS//BI//NP) Special Study onj__ 

2007, a review was completed to determine whether NSAl 


1 In July 



The review did not find a pattern of errors, exaggeration of facts, or any intentional 
misstatements by NSA | _ 


3. (U) Substantive Changes to the NSA/CSS intelligence Oversight Program. 

<U) Nothing to report. 


4. (U) Changes to NSA/CSS published directives or policies concerning 
intelligence, counterintelligence, or intelligence-related activities and the reason 
for the changes. 


(U) Nothing to report. 


5. (U) Procedures governing the activities of Department of Defense (DoD) 
intelligence components that affect U.S. persons (DoD Directive 5240.1-R, 
Procedure 15) inquiries or Matters Related to Intelligence Oversight Programs. 

(U) Nothing to report. 
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